Unleashing Dynamic Pipeline Reconfiguration of P4 Switches for Efficient Network Monitoring

As it is happening in many fields that need efficient and effective classification of data, Machine Learning (ML) is becoming increasingly popular in network management and monitoring. In general we can say that ML algorithms are complex, therefore better suited for execution in the centralized control plane of modern networks, but are also heavily reliant on data, that are necessarily collected in the data plane. The inevitable consequence is that may arise the need to transfer lots of data from the data plane to the control plane, with the risk to cause congestion on the control communication channel. This may turn into a major drawback, since congestion on the control channel may have a significant impact on network operations. Therefore it is of paramount importance to design systems capable of minimizing the interaction between data and control planes while ensuring good monitoring performance. The most recent generation of data plane programmable switches supporting the P4 language can help mitigate this problem by preprocessing traffic data at line rate. In this manuscript we follow this approach and propose P4RTHENON: an architecture to distill in the data plane the relevant information to be mirrored to the control plane, where complex analysis can be performed. P4RTHENON leverages the P4-native support for runtime data plane pipeline reconfiguration to minimize the interaction between data and control planes while ensuring good monitoring performance. We tested our scheme on the volumetric DDoS detection use case: P4RTHENON reduces the volume of exchanged data by almost 75% compared to a pure control-plane-based solution, guarantees low memory consumption in the data plane, and does not degrade the overall DDoS detection capabilities.